# ===============================================================
# PiQrypt v1.7.1 -- PiQrypt -- Enterprise
# Usage : .\start_enterprise.ps1
# ===============================================================
param(
    # When present, TrustGate is started in manual mode instead of automatic mode.
    [switch]$Manual
)

# Resolve the directory that holds this script and make it the working directory,
# so the relative names used later (.env.piqrypt, piqrypt_start.py) resolve against it.
$ROOT = Split-Path -Path $MyInvocation.MyCommand.Path -Parent
Set-Location -Path $ROOT
# -- Features ----------------------------------------------------
# Print the Enterprise banner. This is display text only: nothing in this block
# enables, configures or verifies any of the listed features.
Write-Host ""
Write-Host -ForegroundColor Yellow -Object " PiQrypt -- Enterprise"
Write-Host -ForegroundColor DarkGray -Object " -----------------------------------------------"

# Headline capabilities, shown in green.
$headlineLines = @(
    " Vigil : Complet + SSO + HSM + on-premise + SLA dedie",
    " TrustGate : Automatique -- politiques avancees + audit SOC2/ISO27001"
)
foreach ($line in $headlineLines) {
    Write-Host $line -ForegroundColor Green
}

# Detail lines, shown in dark gray.
$detailLines = @(
    " Alertes : tous niveaux",
    " Bridges : illimites",
    " Exports : .pqz certifie + PDF + SIEM",
    " TrustGate : full auto",
    " SSO : SAML, OAuth2, OIDC",
    " HSM : integration cles materielle",
    " On-premise : standard inclus",
    " Agents : illimites -- Events : illimites"
)
foreach ($line in $detailLines) {
    Write-Host $line -ForegroundColor DarkGray
}
Write-Host ""
# -- Mode TrustGate --------------------------------------------------
# Pick the TrustGate mode from the -Manual switch. $TG_MODE is read again further
# down when the launch command is built.
$TG_MODE = if ($Manual) { "manual" } else { "automatic" }

if ($TG_MODE -eq "manual") {
    Write-Host " Mode : TrustGate MANUEL (validation humaine)" -ForegroundColor Yellow
}
else {
    Write-Host " Mode : TrustGate AUTOMATIQUE (politiques driven)" -ForegroundColor Green
}
Write-Host ""
# -- Licence -----------------------------------------------------
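# Load the licence key, service tokens and bind hosts from .env.piqrypt (next to this
# script) into the process environment. Only the five names below are honoured; any
# other line is ignored. Matching is case-insensitive and values are trimmed.
#
# NOTE(review): .env.piqrypt keeps the licence key and the service tokens in plaintext.
# The file is created with whatever ACL the directory gives it; restrict it to the
# service account and keep it out of version control and backups that others can read.
$licenseFile = "$ROOT\.env.piqrypt"
if (Test-Path $licenseFile) {
    switch -Regex (Get-Content $licenseFile) {
        "^PIQRYPT_LICENSE_KEY=(.+)$" { $env:PIQRYPT_LICENSE_KEY = $matches[1].Trim() }
        "^VIGIL_TOKEN=(.+)$"         { $env:VIGIL_TOKEN = $matches[1].Trim() }
        "^TRUSTGATE_TOKEN=(.+)$"     { $env:TRUSTGATE_TOKEN = $matches[1].Trim() }
        "^VIGIL_HOST=(.+)$"          { $env:VIGIL_HOST = $matches[1].Trim() }
        "^TRUSTGATE_HOST=(.+)$"      { $env:TRUSTGATE_HOST = $matches[1].Trim() }
    }
}

# No key from the file or the inherited environment: ask for it interactively.
if (-not $env:PIQRYPT_LICENSE_KEY) {
    Write-Host " Cle de licence non trouvee dans .env.piqrypt" -ForegroundColor Yellow
    Write-Host " (recue par email apres achat sur piqrypt.com)" -ForegroundColor DarkGray
    Write-Host ""

    # NOTE(review): Read-Host echoes the key to the console (and to any transcript).
    # Trim the typed value the same way file values are trimmed, so a pasted key with
    # stray whitespace is neither sent to activation nor saved as-is, and a
    # whitespace-only answer is treated as "no key".
    $typedKey = Read-Host " Entrez votre cle de licence PiQrypt"
    $env:PIQRYPT_LICENSE_KEY = "$typedKey".Trim()
    if (-not $env:PIQRYPT_LICENSE_KEY) {
        Write-Host " Cle manquante -- arret." -ForegroundColor Red
        exit 1
    }

    # Anything other than "n" (case-insensitive) saves the key, including an empty answer.
    $save = Read-Host " Sauvegarder dans .env.piqrypt ? [O/n]"
    if ($save -ne "n") {
        # Appended, so existing token/host lines in the file are kept.
        "PIQRYPT_LICENSE_KEY=$($env:PIQRYPT_LICENSE_KEY)" | Out-File -FilePath $licenseFile -Encoding utf8 -Append
        # The message assumes .env.piqrypt is listed in .gitignore; this script does not check it.
        Write-Host " Sauvegarde. Ne committez jamais .env.piqrypt (dans .gitignore)" -ForegroundColor DarkGray
    }
}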
# -- Activation --------------------------------------------------
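# Activate the licence through the project's aiss.license module and report the tier.
# The Python helper prints exactly one status line:
#   OK:<tier>:<agent limit>:<events/month limit>   or   ERR:<exception text>
Write-Host " Activation licence..." -ForegroundColor Cyan

# The key is read from the environment inside Python instead of being pasted into the
# Python source text. Interpolating it into the -c string would let a key containing a
# quote (typed at the prompt or present in .env.piqrypt) change the code that runs, and
# would put the key on the python command line. The single-quoted here-string also
# keeps PowerShell from expanding anything inside the helper.
$activationScript = @'
import os, sys; sys.path.insert(0, '.')
try:
    from aiss.license import activate, get_tier, get_license_info
    activate(os.environ['PIQRYPT_LICENSE_KEY'])
    t = get_tier()
    info = get_license_info()
    agents = info.get('agent_limit') or 'illimite'
    events = info.get('events_month_limit') or 'illimite'
    print(f'OK:{t}:{agents}:{events}')
except Exception as e:
    print(f'ERR:{e}')
'@
$result = python -c $activationScript

# If the module prints anything else to stdout, $result is an array; the status line
# is the last thing the helper prints, so parse that line only.
$statusLine = @($result) | Select-Object -Last 1
if ($statusLine -match "^OK:([^:]+):([^:]+):(.+)$") {
    $tier = $matches[1]
    $agents = $matches[2]
    $events = $matches[3]
    Write-Host " Licence OK -- Tier : $($tier.ToUpper()) | Agents : $agents | Events/mois : $events" -ForegroundColor Green
}
else {
    Write-Host " Erreur activation : $result" -ForegroundColor Red
    Write-Host " Verifiez votre cle sur https://piqrypt.com/account" -ForegroundColor DarkGray
    exit 1
}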
# -- Tokens ------------------------------------------------------
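# Fill in the service tokens and bind hosts that .env.piqrypt / the environment did not provide.
#
# NOTE(review): the fallback tokens are the first 32 hex characters of SHA-256 over the
# licence key (plus "_tg" for TrustGate). They are therefore fixed for a given key and
# can be recomputed by anyone who holds the key. Setting independent random values for
# VIGIL_TOKEN and TRUSTGATE_TOKEN in .env.piqrypt avoids that coupling -- confirm first
# whether other components derive the same values.
if (-not $env:VIGIL_TOKEN) {
    $env:VIGIL_TOKEN = python -c "import hashlib,os; k=os.getenv('PIQRYPT_LICENSE_KEY',''); print(hashlib.sha256(k.encode()).hexdigest()[:32])"
}
if (-not $env:TRUSTGATE_TOKEN) {
    $env:TRUSTGATE_TOKEN = python -c "import hashlib,os; k=os.getenv('PIQRYPT_LICENSE_KEY','')+'_tg'; print(hashlib.sha256(k.encode()).hexdigest()[:32])"
}

# If python produced no output the variable stays unset. Stop here rather than launch
# the services without a token; how they treat a missing token is not visible in this script.
foreach ($tokenName in "VIGIL_TOKEN", "TRUSTGATE_TOKEN") {
    if (-not [Environment]::GetEnvironmentVariable($tokenName)) {
        Write-Host " Token $tokenName manquant -- arret." -ForegroundColor Red
        exit 1
    }
}

# NOTE(review): 0.0.0.0 means "all interfaces". This script itself only talks to
# 127.0.0.1/localhost; if no remote client needs Vigil or TrustGate, set
# VIGIL_HOST / TRUSTGATE_HOST to 127.0.0.1 in .env.piqrypt, otherwise restrict
# ports 8421/8422 at the host firewall.
if (-not $env:VIGIL_HOST) { $env:VIGIL_HOST = "0.0.0.0" }
if (-not $env:TRUSTGATE_HOST) { $env:TRUSTGATE_HOST = "0.0.0.0" }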
# -- Lancement ---------------------------------------------------
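# Launch the stack (piqrypt_start.py --all) in a separate PowerShell window that stays open.
Write-Host " Demarrage stack..." -ForegroundColor Cyan
$manualFlag = if ($TG_MODE -eq "manual") { "--manual" } else { "" }

# The licence key, tokens and hosts are already set in this process's environment, and a
# process started with Start-Process inherits that environment (unless -UseNewEnvironment
# is given). They are deliberately NOT written into the -Command text: doing so exposes
# them in the child's command line (process listings, process-creation audit logs) and
# lets a value containing a single quote alter the command that runs.
# Only the script directory is embedded, with single quotes doubled so a path containing
# an apostrophe stays inside the literal.
$quotedRoot = "'" + ($ROOT -replace "'", "''") + "'"
$stackCmd = "Set-Location -LiteralPath $quotedRoot; python piqrypt_start.py --all $manualFlag"
Start-Process powershell -ArgumentList @("-NoExit", "-Command", $stackCmd)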
# -- Attente ports -----------------------------------------------
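# Wait until something accepts TCP connections on 127.0.0.1:<Port>.
#
# Parameters:
#   Port           - local TCP port to probe.
#   Name           - label printed in the progress line.
#   TimeoutSeconds - how long to keep retrying (default 12, the previous fixed value).
# Returns $true as soon as one connection succeeds, $false once the timeout elapses.
#
# A successful connect only shows that some process is listening on the port; it does
# not identify that process as the expected service.
function Wait-Port {
    param([int]$Port, [string]$Name, [int]$TimeoutSeconds = 12)

    Write-Host " Attente $Name..." -ForegroundColor DarkGray -NoNewline
    $sw = [System.Diagnostics.Stopwatch]::StartNew()
    while ($sw.Elapsed.TotalSeconds -lt $TimeoutSeconds) {
        $tcp = New-Object System.Net.Sockets.TcpClient
        try {
            $tcp.Connect("127.0.0.1", $Port)
            Write-Host " pret" -ForegroundColor Green
            return $true
        }
        catch {
            # Not listening yet: pause briefly, then retry until the deadline.
            Start-Sleep -Milliseconds 300
        }
        finally {
            # Release the socket on every attempt; previously a failed Connect left
            # the client unclosed until garbage collection.
            $tcp.Close()
        }
    }
    Write-Host " timeout" -ForegroundColor Red
    return $false
}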
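# Open the two web consoles in the default browser once their ports answer.
#
# NOTE(review): the token travels in the URL query string, so it ends up in browser
# history and in the browser's command line. Treat these tokens as exposed on a shared
# workstation; a header- or cookie-based login would avoid that if the services support one.
# The token is URL-encoded so a custom value from .env.piqrypt containing '&', '#' or
# spaces cannot truncate or alter the URL (hex tokens are unchanged by the encoding).

# Vigil first
if (Wait-Port -Port 8421 -Name "Vigil") {
    Start-Sleep -Milliseconds 500
    Start-Process ("http://localhost:8421/?token=" + [uri]::EscapeDataString("$($env:VIGIL_TOKEN)"))
}

# TrustGate next
if (Wait-Port -Port 8422 -Name "TrustGate") {
    Start-Sleep -Seconds 2
    Start-Process ("http://localhost:8422/console?token=" + [uri]::EscapeDataString("$($env:TRUSTGATE_TOKEN)"))
}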
# -- Resume ------------------------------------------------------
# Closing summary. It is printed unconditionally: it does not reflect whether the
# port checks earlier in the script succeeded or timed out.
$rule = " ================================================"
Write-Host ""
Write-Host $rule -ForegroundColor Yellow
Write-Host " PiQrypt -- Enterprise -- operationnel" -ForegroundColor Yellow
Write-Host $rule -ForegroundColor Yellow

# Local console addresses (shown without the token).
foreach ($endpoint in " Vigil : http://localhost:8421", " TrustGate : http://localhost:8422") {
    Write-Host $endpoint -ForegroundColor White
}
Write-Host ""

# Documentation and support contacts.
foreach ($contact in " Docs : https://piqrypt.com/docs/agents", " Support : piqrypt@gmail.com") {
    Write-Host $contact -ForegroundColor DarkGray
}
Write-Host ""